GHSA-C4WJ-P3M6-6483 vulnerabilities

Vulnerabilities for packages: binutils...

H3C SSL VPN <=2022-07-10 - Cross-Site Scripting

H3C SSL VPN 2022-07-10 and prior contains a cookie-based cross-site scripting vulnerability in wnm/login/login.json svpnlang. id: CVE-2022-35416 info: name: H3C SSL VPN =2022-07-10 - Cross-Site Scripting author: 0x240x23elu severity: medium description: | H3C SSL VPN 2022-07-10 and prior contains...

GHSA-R5M4-5VWW-W9F5 vulnerabilities

Vulnerabilities for packages: gdal...

GHSA-PXH5-6RRC-8RJV vulnerabilities

Vulnerabilities for packages: opentofu, opentofu-fips...

GHSA-HPP8-75J8-PRPW vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-RXXM-P26X-J53P vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-39VG-P77Q-35GX vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-QC83-G4W3-PXPQ vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-JMG2-VQR6-G8H5 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-854V-W859-V99C vulnerabilities

Vulnerabilities for packages: chromium...

ROOT-APP-NPM-GHSA-2CM2-M3W5-GP2F GHSA-2cm2-m3w5-gp2f in @rootio/vm2 - Patched by Root

Root has patched GHSA-2cm2-m3w5-gp2f in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

GHSA-M62J-63MF-XR95 vulnerabilities

Vulnerabilities for packages: dnsmasq...

ROOT-APP-PYPI-GHSA-X284-J5P8-9C5P GHSA-x284-j5p8-9c5p in rootio-pypdf - Patched by Root

Root has patched GHSA-x284-j5p8-9c5p in the rootio-pypdf package for Root:PyPI. Multiple fixed versions available...

CVE-2026-49144

creationtimestamp| type| source ---|---|--- 2026-06-03 21:38:40+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-8rpw-6cqh-2v9h 2026-06-03 23:10:53+00:00| seen| https://gist.github.com/alon710/f7bc5351b219485c56b8d23a92985578 2026-06-03 23:20:57+00:00| seen|...

GHSA-Q94G-3GCF-66X7 vulnerabilities

Vulnerabilities for packages: uutils...

CVE-2026-47249

creationtimestamp| type| source ---|---|--- 2026-06-02 10:30:29+00:00| published-proof-of-concept| https://github.com/klever-io/klever-go/security/advisories/GHSA-w342-mj6g-v9c4...

GHSA-3PV8-6F4R-FFG2 vulnerabilities

Vulnerabilities for packages: rye, wasmcloud, cargo-c, typst, buck2, deno, zizmor, litmus, sccache, wasm-pack, fnm, qdrant, bootc, rustup, cleave...

CVE-2026-44488

creationtimestamp| type| source ---|---|--- 2026-05-30 12:17:22+00:00| published-proof-of-concept| https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf...

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection via the parseheader process. An attacker can inject arbitrary carriage return and line feed characters into HTTP headers by sending specially crafted percent-encoded values, potentially leading to response splitting or...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via host resolution in the CLI authentication layer. An attacker can obtain authentication tokens intended for GitHub or GitHub Enterprise by causing authenticated requests to be sent to external hosts, as the ho...